Commit a3ab6d42 changed the libvirtd profile to a named profile
but neglected to accommodate the change in the qemu profile
ptrace and signal rules. As a result, libvirtd is unable to
signal confined qemu processes and hence unable to shutdown
or destroy VMs.
Add ptrace and signal rules that refer
Commit a3ab6d42 changed the libvirtd profile to a named profile,
breaking the apparmor driver's ability to detect if the profile is
active. When the apparmor driver loads it checks the status of the
libvirtd profile using the full binary path, which fails since the
profile is now referenced by name
This series fixes a few things I broke when changing the libvirtd apparmor
profile to a named profile. See patches for details. Too bad I didn't make
it for 5.1.0 release
Jim Fehlig (2):
apparmor: Check libvirtd profile status by name
apparmor: Add ptrace and signal rules for named profile
On 2/27/19 11:29 AM, Daniel P. Berrangé wrote:
Change the domain conf so invoke the new network port public APIs instead
of the network callbacks.
Signed-off-by: Daniel P. Berrangé
---
src/conf/domain_conf.c | 262
src/conf/domain_conf.h | 26 -
* Igor Mammedov (imamm...@redhat.com) wrote:
> On Fri, 1 Mar 2019 15:49:47 +
> Daniel P. Berrangé wrote:
>
> > On Fri, Mar 01, 2019 at 04:42:15PM +0100, Igor Mammedov wrote:
> > > The parameter allows to configure fake NUMA topology where guest
> > > VM simulates NUMA topology but not actuall
On Fri, Mar 01, 2019 at 06:33:28PM +0100, Igor Mammedov wrote:
> On Fri, 1 Mar 2019 15:49:47 +
> Daniel P. Berrangé wrote:
>
> > On Fri, Mar 01, 2019 at 04:42:15PM +0100, Igor Mammedov wrote:
> > > The parameter allows to configure fake NUMA topology where guest
> > > VM simulates NUMA topolo
On Fri, 1 Mar 2019 15:49:47 +
Daniel P. Berrangé wrote:
> On Fri, Mar 01, 2019 at 04:42:15PM +0100, Igor Mammedov wrote:
> > The parameter allows to configure fake NUMA topology where guest
> > VM simulates NUMA topology but not actually getting a performance
> > benefits from it. The same or
On Fri, Mar 01, 2019 at 06:03:04PM +0100, Andrea Bolognani wrote:
> On Thu, 2019-02-28 at 15:53 +, Daniel P. Berrangé wrote:
> [...]
> >apparmor:
> > deb: libapparmor-dev
> > +cross-policy-Debian: foreign
>
> Maybe we should use 'cross-policy-deb' instead? It's true that
> we're o
On Thu, 2019-02-28 at 15:53 +, Daniel P. Berrangé wrote:
[...]
>apparmor:
> deb: libapparmor-dev
> +cross-policy-Debian: foreign
Maybe we should use 'cross-policy-deb' instead? It's true that
we're only doing cross compilation on Debian at the moment, but if
we wanted to extend th
On Mon, 18 Feb 2019, Christian Ehrhardt wrote:
> So far we were detecting at guest start if any devices needed vhost net
> and only if that was true added a rule for /dev/vhost-net.
>
> It turns out that it is an absolutely valid case to start a guest
> without any vhost-net networking but later
On Thu, 2019-02-28 at 15:53 +, Daniel P. Berrangé wrote:
[...]
> +@staticmethod
> +def convert_native_arch_to_abi(native_arch):
I'd s/convert_// for all these small helper functions.
> +archmap = {
> +"aarch64": "aarch64-linux-gnu",
Some extra whitespace sneaked
On Thu, Feb 28, 2019 at 17:29:15 +0100, Ján Tomko wrote:
> On Wed, Feb 27, 2019 at 02:29:07PM +0100, Jiri Denemark wrote:
> >The signature computation code is not too complicated and it will likely
> >never change so testing it is not very important. We do it mostly for a
> >nice side effect of eas
On Thu, 2019-02-28 at 15:53 +, Daniel P. Berrangé wrote:
> Both libnuma and xen are only available on a subset of architectures so
> need to be filtered accordingly.
>
> Signed-off-by: Daniel P. Berrangé
> ---
> guests/vars/mappings.yml | 6 +-
> 1 file changed, 5 insertions(+), 1 deleti
On Thu, 2019-02-28 at 15:53 +, Daniel P. Berrangé wrote:
> For example to prevent Xen being installed on any s390x
>
> xen:
> deb: libxen-dev
> Fedora: xen-devel
> s390x-default:
>
> Or the inverse to only install Xen on x86_64 on Debian, but allow
> it on all archs on Fedora
>
Rewrite the code to make usage of some VIR_AUTOFREE logic.
Suggested-by: Erik Skultety
Signed-off-by: John Ferlan
---
src/conf/domain_conf.c | 22 --
1 file changed, 8 insertions(+), 14 deletions(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index be6e223e
Let's make use of the auto __cleanup capabilities for virObjectUnref
consumers.
Signed-off-by: John Ferlan
---
src/conf/domain_conf.c | 24
1 file changed, 8 insertions(+), 16 deletions(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index da2175713d..c0
More path cleanup from code review from methods that I didn't touch
as part of the original set of changes, but Erik called out. Plus now
with the VIR_AUTOUNREF added that meant a couple more modules could be
altered to clean up their return paths.
I will merge with previous once ACK'd
Signed-off
Now that we're using VIR_AUTOFREE there's quite a bit of clean up
possible for now unnecessary goto paths.
Signed-off-by: John Ferlan
Reviewed-by: Erik Skultety
---
src/conf/domain_conf.c | 801 -
1 file changed, 310 insertions(+), 491 deletions(-)
diff
Seems I missed a few more VIR_AUTOFREE capable places. Once ACK'd
I will merge with previous.
Signed-off-by: John Ferlan
---
src/conf/domain_conf.c | 20
1 file changed, 8 insertions(+), 12 deletions(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index c06c
Now that we're using VIR_AUTOPTR(virBitmap) there's a couple of methods
that we can clean up some now unnecessary goto paths.
Signed-off-by: John Ferlan
Reviewed-by: Erik Skultety
---
src/conf/domain_conf.c | 26 +-
1 file changed, 9 insertions(+), 17 deletions(-)
diff
In preparation for VIR_AUTOFREE usage, let's remove a couple
of unused variables so that clang compilations won't fail.
Signed-off-by: John Ferlan
Reviewed-by: Erik Skultety
---
src/conf/domain_conf.c | 7 +--
1 file changed, 1 insertion(+), 6 deletions(-)
diff --git a/src/conf/domain_conf
Let's make use of the auto __cleanup capabilities for VIR_FREE consumers.
In some cases adding or removing blank lines for readability.
Signed-off-by: John Ferlan
Reviewed-by: Erik Skultety
---
src/conf/domain_conf.c | 1080 +---
1 file changed, 347 insertion
v2: https://www.redhat.com/archives/libvir-list/2019-February/msg01201.html
Changes since v2:
Patches 1-5 are marked w/ reviewed-by
Added patch 6 to add a few more VIR_AUTOFREE on char *'s that I missed
in the first passes - these would be merged with previous after a
successful review.
Added p
Let's make use of the auto __cleanup capabilities for virBitmapPtr.
Signed-off-by: John Ferlan
Reviewed-by: Erik Skultety
---
src/conf/domain_conf.c | 21 +++--
1 file changed, 7 insertions(+), 14 deletions(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 9
In preparation for using auto free mechanism, change to using the
VIR_STEAL_PTR on @def to @ret and of course be sure to properly clean
up @def in cleanup.
Signed-off-by: John Ferlan
Reviewed-by: Erik Skultety
---
src/conf/domain_conf.c | 8 +---
1 file changed, 5 insertions(+), 3 deletions
On 3/1/19 8:38 AM, Erik Skultety wrote:
> On Wed, Feb 27, 2019 at 12:31:56PM -0500, John Ferlan wrote:
>> ping?
>>
>> I also think that w/ Peter's addition of VIR_XPATH_NODE_AUTORESTORE even
>> more changes could be done, but I'd leave those for either Peter to
>> finish what he started or the m
On Fri, Mar 01, 2019 at 05:19:29PM +0100, Andrea Bolognani wrote:
> On Thu, 2019-02-28 at 18:03 +, Daniel P. Berrangé wrote:
> > On Thu, Feb 28, 2019 at 06:46:41PM +0100, Andrea Bolognani wrote:
> > > Okay, so I guess you need to have cross_target=i686-linux-gnu for
> > >
> > > ENV CONFIGURE
On Thu, 2019-02-28 at 18:03 +, Daniel P. Berrangé wrote:
> On Thu, Feb 28, 2019 at 06:46:41PM +0100, Andrea Bolognani wrote:
> > Okay, so I guess you need to have cross_target=i686-linux-gnu for
> >
> > ENV CONFIGURE_OPTS "--host={cross_target} \
> > --target={cross_tar
On Fri, 2019-03-01 at 14:59 +0100, Ján Tomko wrote:
> On Thu, Feb 28, 2019 at 05:38:46PM +0100, Andrea Bolognani wrote:
[...]
> > +++ b/tests/qemuxml2xmloutdata/channel-unix-source-path-active.xml
> > @@ -22,14 +22,17 @@
> >> function='0x0'/>
> >
> >
> > + > path='/tmp/chann
On Fri, Mar 01, 2019 at 04:42:15PM +0100, Igor Mammedov wrote:
> The parameter allows to configure fake NUMA topology where guest
> VM simulates NUMA topology but not actually getting a performance
> benefits from it. The same or better results could be achieved
> using 'memdev' parameter. In light
1) "I'm considering to deprecating -mem-path/prealloc CLI options and replacing
them with a single memdev Machine property to allow interested users to pick
used backend for initial RAM (fixes mixed -mem-path+hostmem backends issues)
and as a transition step to modeling initial as a Device inste
Implict RAM distribution between nodes has exactly the same issues as:
"numa: deprecate 'mem' parameter of '-numa node' option"
only with QEMU being the user that's 'adding' 'mem' parameter.
Depricate it, to get it out of the way so that we could switch to
consistent guest RAM allocation using m
The parameter allows to configure fake NUMA topology where guest
VM simulates NUMA topology but not actually getting a performance
benefits from it. The same or better results could be achieved
using 'memdev' parameter. In light of that any VM that uses NUMA
to get its benefits should use 'memdev'
On Thu, Feb 28, 2019 at 05:38:47PM +0100, Andrea Bolognani wrote:
Some test cases are only executed using WHEN_INACTIVE, and the
output file name should reflect this for clarity.
Signed-off-by: Andrea Bolognani
---
I'm actually not entirely convinced I prefer having the -inactive
suffix for the
On Thu, Feb 28, 2019 at 05:38:46PM +0100, Andrea Bolognani wrote:
There are a few cases where we are using either WHEN_ACTIVE
or WHEN_INACTIVE even though WHEN_BOTH would work perfectly
fine: for those, start using the simpler DO_TEST() macro.
The goal of those test cases is to test some specif
On Wed, Feb 27, 2019 at 12:31:56PM -0500, John Ferlan wrote:
> ping?
>
> I also think that w/ Peter's addition of VIR_XPATH_NODE_AUTORESTORE even
> more changes could be done, but I'd leave those for either Peter to
> finish what he started or the mythical future someone else.
I also found some oc
On Fri, Mar 01, 2019 at 01:44:00PM +0100, Erik Skultety wrote:
> On Wed, Feb 20, 2019 at 01:34:04PM -0500, John Ferlan wrote:
> > Now that we're using VIR_AUTOFREE there's quite a bit of clean up
> > possible for now unnecessary goto paths.
> >
> > Signed-off-by: John Ferlan
> > ---
> Reviewed-by:
On Thu, Feb 28, 2019 at 05:38:45PM +0100, Andrea Bolognani wrote:
disk-mirror-old has different output file for the active and
inactive parts, which should be named accordingly; on the other
hand, both output files for disk-backing-chains-noindex are
identical, so it makes sense to only keep arou
Thomas Huth [2019-03-01, 12:10PM +0100]:
> When running virt-host-validate on an s390x host, the tool currently warns
> that it is "Unknown if this platform has IOMMU support". We can use the
> common check for entries in /sys/kernel/iommu_groups here, too, but it only
> makes sense to check it if
Hi Thomas,
looks good and also tried it out on s390x.
Reviewed-by: Boris Fiuczynski
On 3/1/19 12:10 PM, Thomas Huth wrote:
When running virt-host-validate on an s390x host, the tool currently warns
that it is "Unknown if this platform has IOMMU support". We can use the
common check for entrie
On Wed, Feb 20, 2019 at 01:34:04PM -0500, John Ferlan wrote:
> Now that we're using VIR_AUTOFREE there's quite a bit of clean up
> possible for now unnecessary goto paths.
>
> Signed-off-by: John Ferlan
> ---
Reviewed-by: Erik Skultety
--
libvir-list mailing list
libvir-list@redhat.com
https://w
On Wed, Feb 20, 2019 at 01:34:03PM -0500, John Ferlan wrote:
> Let's make use of the auto __cleanup capabilities for VIR_FREE consumers.
> In some cases adding or removing blank lines for readability.
>
> Signed-off-by: John Ferlan
> ---
Nicely done.
Reviewed-by: Erik Skultety
--
libvir-list ma
On Wed, Feb 20, 2019 at 01:34:01PM -0500, John Ferlan wrote:
> Now that we're using VIR_AUTOPTR(virBitmap) there's a couple of methods
> that we can clean up some now unnecessary goto paths.
>
> Signed-off-by: John Ferlan
> ---
Every reviewer has their own preferences. Truth to be told I agree wi
On Wed, Feb 20, 2019 at 01:34:02PM -0500, John Ferlan wrote:
> In preparation for VIR_AUTOFREE usage, let's remove a couple
> of unused variables so that clang compilations won't fail.
>
> Signed-off-by: John Ferlan
> ---
I guess that if there were more, Clang would have complained at some point
On Wed, Feb 20, 2019 at 01:34:00PM -0500, John Ferlan wrote:
> Let's make use of the auto __cleanup capabilities for virBitmapPtr.
>
> Signed-off-by: John Ferlan
> ---
Reviewed-by: Erik Skultety
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-lis
On Wed, Feb 20, 2019 at 01:33:59PM -0500, John Ferlan wrote:
> In preparation for using auto free mechanism, change to using the
> VIR_STEAL_PTR on @def to @ret and of course be sure to properly clean
> up @def in cleanup.
>
> Signed-off-by: John Ferlan
Reviewed-by: Erik Skultety
--
libvir-list
When running virt-host-validate on an s390x host, the tool currently warns
that it is "Unknown if this platform has IOMMU support". We can use the
common check for entries in /sys/kernel/iommu_groups here, too, but it only
makes sense to check it if there are also PCI devices available. It's also
c
On Mon, Feb 18, 2019 at 10:27:06AM -0500, John Ferlan wrote:
> Let's make use of the auto __cleanup capabilities cleaning up any
> now unnecessary goto paths.
>
> Signed-off-by: John Ferlan
> ---
Reviewed-by: Erik Skultety
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com
If pool refresh failed, then the internal table of volumes is
probably left in inconsistent or incomplete state anyways. Clear
it out then. This has an advantage that we can move the
virStoragePoolObjClearVols() from those very few backends that
do call it.
Signed-off-by: Michal Privoznik
---
sr
This is a wrapper over refreshPool() call as at all places we are
doing basically the same. Might as well have a single function to
call.
Signed-off-by: Michal Privoznik
---
src/storage/storage_driver.c | 61 +++-
1 file changed, 32 insertions(+), 29 deletions(-)
In d16f803d780 we've tried to solve an issue that after wiping an
image its format might have changed (e.g. from qcow2 to raw) but
libvirt wasn't probing the image format. We fixed this by calling
virStorageBackendRefreshVolTargetUpdate() which is what
refreshPool() would end up calling. But this s
Only active pools can be refreshed. But our completer offers just
all pool, even inactive ones.
Signed-off-by: Michal Privoznik
---
tools/virsh-pool.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/virsh-pool.c b/tools/virsh-pool.c
index d98fd80330..f641f5776c 100644
-
*** BLURB HERE ***
Michal Prívozník (6):
storage_backend_iscsi_direct: Simplify vol zeroing
virISCSIDirectReportLuns: Drop ClearVols
storageVolWipePattern: Don't take shortcut to refreshPool()
storage_driver: Introduce storagePoolRefreshImpl()
storagePoolRefreshFailCleanup: Clear volumes
In bf5cf610f206d5d54 I've fixed a problem where iscsi-direct
backend was reporting only the last LUN. The fix consisted of
moving virStoragePoolObjClearVols() one level up. However, as it
turns out, storage driver already calls it before calling
refreshPool callback (which is
virStorageBackendISCSI
So far we have two branches: either we zero BLOCK_PER_PACKET
(currently 128) block at one, or if we're close to the last block
then we zero out one block at the time. This is very suboptimal.
We know how many block are there left. Might as well just write
them all at once.
Signed-off-by: Michal Pr
From: Viktor Mihajlovski
Since qemu 2.13 reports the target architecture in a property called
'target' additionally to the property 'arch', that has been used in
qemu 2.12 in the response data of 'query-cpus-fast'.
Libvirts monitor code prefers the 'target' property over 'arch'.
At least for s39
56 matches
Mail list logo
